* g10.c (main): Show errors for failure in export, send-keys, recv-keys,

and refresh-keys.

* keyserver.c (keyserver_work): Range check the TCP port for HKP.

* options.h, g10.c (main): Give algorithm warnings for algorithms chosen
against the --pgpX and --openpgp rules.

* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in --openpgp
mode.

* sign.c (sign_file), pkclist.c (algo_available): Allow passing a hint of
0.

g10/ChangeLog

@@ -1,6 +1,20 @@
 2003-05-02  David Shaw  <dshaw@jabberwocky.com>
 
-	* sign.c (sign_file): Fix bug that causes spurious compression
+	* g10.c (main): Show errors for failure in export, send-keys,
+	recv-keys, and refresh-keys.
+
+	* keyserver.c (keyserver_work): Range check the TCP port for HKP.
+
+	* options.h, g10.c (main): Give algorithm warnings for algorithms
+	chosen against the --pgpX and --openpgp rules.
+
+	* keydb.h, pkclist.c (algo_available): Make TIGER192 invalid in
+	--openpgp mode.
+
+	* sign.c (sign_file), pkclist.c (algo_available): Allow passing a
+	hint of 0.
+
+	* sign.c (sign_file): Fix bug that causes a spurious compression
 	preference warning.
 
 	* sign.c (clearsign_file): Fix bug that prevents proper warning

g10/g10.c

@@ -1458,7 +1458,7 @@ main( int argc, char **argv )
 	    opt.def_cipher_algo = 0;
 	    opt.def_digest_algo = 0;
 	    opt.cert_digest_algo = 0;
-	    opt.def_compress_algo = 1;
+	    opt.def_compress_algo = -1;
             opt.s2k_mode = 3; /* iterated+salted */
 	    opt.s2k_digest_algo = DIGEST_ALGO_SHA1;
 	    opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
@@ -1844,7 +1844,6 @@ main( int argc, char **argv )
 	opt.escape_from=1;
 	opt.force_v3_sigs=1;
 	opt.ask_sig_expire=0;
-	opt.def_compress_algo=1;
 	opt.force_mdc=0;
 	opt.disable_mdc=1;
       }
@@ -1854,12 +1853,10 @@ main( int argc, char **argv )
 	opt.escape_from=1;
 	opt.force_v3_sigs=1;
 	opt.ask_sig_expire=0;
-	opt.def_compress_algo=1;
       }
     else if(PGP8)
       {
 	opt.escape_from=1;
-	opt.def_compress_algo=1;
       }
 
     /* must do this after dropping setuid, because string_to...
@@ -1942,6 +1939,66 @@ main( int argc, char **argv )
     if( log_get_errorcount(0) )
 	g10_exit(2);
 
+    /* Check our chosen algorithms against the list of legal
+       algorithms. */
+
+    if(!GNUPG)
+      {
+	const char *badalg=NULL;
+	preftype_t badtype=PREFTYPE_NONE;
+
+	if(opt.def_cipher_algo
+	   && !algo_available(PREFTYPE_SYM,opt.def_cipher_algo,NULL))
+	  {
+	    badalg=cipher_algo_to_string(opt.def_cipher_algo);
+	    badtype=PREFTYPE_SYM;
+	  }
+	else if(opt.def_digest_algo
+		&& !algo_available(PREFTYPE_HASH,opt.def_digest_algo,NULL))
+	  {
+	    badalg=digest_algo_to_string(opt.def_digest_algo);
+	    badtype=PREFTYPE_HASH;
+	  }
+	else if(opt.cert_digest_algo
+		&& !algo_available(PREFTYPE_HASH,opt.cert_digest_algo,NULL))
+	  {
+	    badalg=digest_algo_to_string(opt.cert_digest_algo);
+	    badtype=PREFTYPE_HASH;
+	  }
+	else if(opt.def_compress_algo!=-1
+		&& !algo_available(PREFTYPE_ZIP,opt.def_compress_algo,NULL))
+	  {
+	    badalg=compress_algo_to_string(opt.def_compress_algo);
+	    badtype=PREFTYPE_ZIP;
+	  }
+
+	if(badalg)
+	  {
+	    switch(badtype)
+	      {
+	      case PREFTYPE_SYM:
+		log_info(_("you may not use cipher algorithm \"%s\" "
+			   "while in %s mode\n"),
+			 badalg,compliance_option_string());
+		break;
+	      case PREFTYPE_HASH:
+		log_info(_("you may not use digest algorithm \"%s\" "
+			   "while in %s mode\n"),
+			 badalg,compliance_option_string());
+		break;
+	      case PREFTYPE_ZIP:
+		log_info(_("you may not use compression algorithm \"%s\" "
+			   "while in %s mode\n"),
+			 badalg,compliance_option_string());
+		break;
+	      default:
+		BUG();
+	      }
+
+	    compliance_failure();
+	  }
+      }
+
     /* set the random seed file */
     if( use_random_seed ) {
 	char *p = make_filename(opt.homedir, "random_seed", NULL );
@@ -2273,11 +2330,20 @@ main( int argc, char **argv )
 	for( ; argc; argc--, argv++ )
 	    add_to_strlist2( &sl, *argv, utf8_strings );
 	if( cmd == aSendKeys )
-	    keyserver_export( sl );
+	    rc=keyserver_export( sl );
 	else if( cmd == aRecvKeys )
-	    keyserver_import( sl );
+	    rc=keyserver_import( sl );
 	else
-	    export_pubkeys( sl, opt.export_options );
+	    rc=export_pubkeys( sl, opt.export_options );
+	if(rc)
+	  {
+	    if(cmd==aSendKeys)
+	      log_error(_("keyserver send failed: %s\n"),g10_errstr(rc));
+	    else if(cmd==aRecvKeys)
+	      log_error(_("keyserver receive failed: %s\n"),g10_errstr(rc));
+	    else
+	      log_error(_("key export failed: %s\n"),g10_errstr(rc));
+	  }
 	free_strlist(sl);
 	break;
 
@@ -2286,7 +2352,9 @@ main( int argc, char **argv )
 	for( ; argc; argc--, argv++ )
 	  append_to_strlist2( &sl, *argv, utf8_strings );
 
-	keyserver_search( sl );
+	rc=keyserver_search( sl );
+	if(rc)
+	  log_error(_("keyserver search failed: %s\n"),g10_errstr(rc));
 	free_strlist(sl);
 	break;
 
@@ -2294,7 +2362,9 @@ main( int argc, char **argv )
 	sl = NULL;
 	for( ; argc; argc--, argv++ )
 	    add_to_strlist2( &sl, *argv, utf8_strings );
-	keyserver_refresh(sl);
+	rc=keyserver_refresh(sl);
+	if(rc)
+	  log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc));
 	free_strlist(sl);
 	break;
 

g10/keydb.h

@@ -164,6 +164,7 @@ void show_revocation_reason( PKT_public_key *pk, int mode );
 int  check_signatures_trust( PKT_signature *sig );
 void release_pk_list( PK_LIST pk_list );
 int  build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use );
+int  algo_available( preftype_t preftype, int algo, void *hint );
 int  select_algo_from_prefs( PK_LIST pk_list, int preftype,
 			     int request, void *hint );
 int  select_mdc_from_pklist (PK_LIST pk_list);

g10/keyserver.c

@@ -194,6 +194,11 @@ parse_keyserver_uri(char *uri,const char *configname,unsigned int configlineno)
 
 	      ch++;
 	    }
+
+	  /* It would seem to be reasonable to limit the range of the
+	     ports to values between 1-65535, but RFC 1738 and 1808
+	     imply there is no limit.  Of course, the real world has
+	     limits. */
 	}
 
       /* (any path part of the URI is discarded for now as no keyserver
@@ -679,6 +684,10 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,int count)
 	  log_error(_("no keyserver known (use option --keyserver)\n"));
 	  return G10ERR_BAD_URI;
 	}
+      else if(opt.keyserver_port && (strlen(opt.keyserver_port)>5
+				     || atoi(opt.keyserver_port)<1
+				     || atoi(opt.keyserver_port)>65535))
+	return G10ERR_BAD_URI;
       else
 	{
 	  void *stats_handle = import_new_stats_handle ();

g10/options.h

@@ -204,6 +204,7 @@ struct {
 #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE)
 #define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE)
 
+#define GNUPG   (opt.compliance==CO_GNUPG)
 #define RFC1991 (opt.compliance==CO_RFC1991 || opt.compliance==CO_PGP2)
 #define RFC2440 (opt.compliance==CO_RFC2440)
 #define PGP2    (opt.compliance==CO_PGP2)

g10/pkclist.c

@@ -1088,40 +1088,54 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
    intersection"), and PGP has no mechanism to fix such a broken
    preference list, so I'm including it. -dms */
 
-static int
-algo_available( int preftype, int algo, void *hint )
+int
+algo_available( preftype_t preftype, int algo, void *hint )
 {
-    if( preftype == PREFTYPE_SYM ) {
-        if( PGP6 && ( algo != 1 && algo != 2 && algo != 3) )
+  if( preftype == PREFTYPE_SYM )
+    {
+      if(PGP6 && (algo != CIPHER_ALGO_IDEA
+		  && algo != CIPHER_ALGO_3DES
+		  && algo != CIPHER_ALGO_CAST5))
 	return 0;
       
-        if( (PGP7 || PGP8)
-	    && (algo != 1 && algo != 2 && algo != 3
-		&& algo != 7 && algo != 8 && algo != 9 && algo != 10) )
+      if((PGP7 || PGP8) && (algo != CIPHER_ALGO_IDEA
+			    && algo != CIPHER_ALGO_3DES
+			    && algo != CIPHER_ALGO_CAST5
+			    && algo != CIPHER_ALGO_AES
+			    && algo != CIPHER_ALGO_AES192
+			    && algo != CIPHER_ALGO_AES256
+			    && algo != CIPHER_ALGO_TWOFISH))
 	return 0;
 
       return algo && !check_cipher_algo( algo );
     }
-    else if( preftype == PREFTYPE_HASH ) {
-        int bits=0;
-
-	if(hint)
-	  bits=*(int *)hint;
-
-	if(bits && (bits != md_digest_length(algo)))
+  else if( preftype == PREFTYPE_HASH )
+    {
+      if(hint && ((*(int *)hint) != md_digest_length(algo)))
 	return 0;
 
-        if( (PGP6 || PGP7) && (algo != 1 && algo != 2 && algo != 3) )
+      if((PGP6 || PGP7) && (algo != DIGEST_ALGO_MD5
+			    && algo != DIGEST_ALGO_SHA1
+			    && algo != DIGEST_ALGO_RMD160))
 	return 0;
 
-	if( PGP8 && (algo != 1 && algo != 2 && algo != 3 && algo != 8))
+
+      if(PGP8 && (algo != DIGEST_ALGO_MD5
+		  && algo != DIGEST_ALGO_SHA1
+		  && algo != DIGEST_ALGO_RMD160
+		  && algo != DIGEST_ALGO_SHA256))
+	return 0;
+
+      /* TIGER is not allowed any longer according to 2440bis. */
+      if( RFC2440 && algo == DIGEST_ALGO_TIGER )
 	return 0;
 
       return algo && !check_digest_algo( algo );
     }
-    else if( preftype == PREFTYPE_ZIP ) {
-        if ( ( PGP6 || PGP7 || PGP8 )
-	     && ( algo !=0 && algo != 1) )
+  else if( preftype == PREFTYPE_ZIP )
+    {
+      if((PGP6 || PGP7 || PGP8) && (algo != COMPRESS_ALGO_NONE
+				    && algo != COMPRESS_ALGO_ZIP))
 	return 0;
 
       return !check_compress_algo( algo );

g10/sign.c

@@ -720,7 +720,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
 		hashlen=20;
 
 	    if((algo=
-		select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,&hashlen))>0)
+		select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,
+				       hashlen?&hashlen:NULL))>0)
 	      recipient_digest_algo=algo;
 	  }
       }